Test if password matches after user is created

security/src/main/java/org/genesys/blocks/security/service/impl/BasicUserServiceImpl.java

@@ -40,7 +40,6 @@ import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.security.crypto.password.NoOpPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.transaction.annotation.Transactional;
 
@@ -67,8 +66,8 @@ public abstract class BasicUserServiceImpl<R extends GrantedAuthority, T extends
 	private JpaRepository<T, Long> _repository;
 
 	/** The password encoder. */
-	@Autowired(required = false)
-	protected final PasswordEncoder passwordEncoder = NoOpPasswordEncoder.getInstance();
+	@Autowired
+	protected PasswordEncoder passwordEncoder;
 
 	/** The password policy. */
 	@Autowired(required = false)

security/src/main/java/org/genesys/blocks/security/service/impl/CustomAclServiceImpl.java

@@ -301,7 +301,7 @@ public class CustomAclServiceImpl implements CustomAclService {
 	 */
 	@Override
 	@Transactional(readOnly = true)
-	@PreAuthorize("returnObject==null or hasRole('ADMINISTRATOR') or hasPermission(#id, #className, 'ADMINISTRATION')")
+	@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#id, #className, 'ADMINISTRATION')")
 	public AclObjectIdentity getObjectIdentity(final long id, final String className) {
 		return aclObjectIdentityPersistence.findByObjectIdAndClassname(id, className);
 	}

security/src/test/java/org/genesys/blocks/security/component/AclAssignerTest.java

@@ -15,9 +15,7 @@
  */
 package org.genesys.blocks.security.component;
 
-import static org.hamcrest.Matchers.equalTo;
-import static org.hamcrest.Matchers.greaterThan;
-import static org.hamcrest.Matchers.hasSize;
+import static org.hamcrest.Matchers.*;
 import static org.junit.Assert.assertThat;
 
 import java.util.List;
@@ -42,6 +40,7 @@ import org.junit.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.test.context.transaction.AfterTransaction;
 import org.springframework.transaction.annotation.Transactional;
 
@@ -58,7 +57,9 @@ public class AclAssignerTest extends BaseTest {
 	private AclEntryPersistence aclEntryPersistence;
 	@Autowired
 	private AclObjectIdentityPersistence aclObjectIdentityPersistence;
-	
+	@Autowired
+	private PasswordEncoder passwordEncoder;
+
 	private TestUser user;
 
 	@Override
@@ -75,6 +76,7 @@ public class AclAssignerTest extends BaseTest {
 	@Before
 	public void setupSecurityContext() throws NotUniqueUserException, PasswordPolicyException, UserException {
 		user = testUserService.createUser(USER_EMAIL, USER_FULLNAME, "password1!", AccountType.LOCAL);
+		assertThat(passwordEncoder.matches("password1!", user.getPassword()), is(true));
 		SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(user, "bar"));
 	}